3.1.1.3.1 LDAP Conformance

  • Article

The purpose of this section is to document how the implementation of Active Directory DCs interprets the LDAP v3 RFCs, including differences from those RFCs. Except as noted in the following subsections, Active Directory is compliant to [RFC3377].

Active Directory DCs nominally implement support for LDAP v2 [RFC1777]. However, except as noted in the next paragraph, Active Directory processes LDAP v2 requests and generates responses as if LDAP v3 had been requested by the client.

When processing an LDAP v2 request, Active Directory exhibits the following behavioral differences from processing an LDAP v3 request:

  • Instead of using the UTF-8 character encoding for LDAPString [RFC2251], the system's configured code page is used. The code page is configured locally on the DC by the DC's administrator.

  • Referrals and continuation references are generated using the format for LDAP v2 referrals as specified in section 3.1.1.3.4.

All LDAP error codes returned by Active Directory are taken from the resultCode enumeration of the LDAPResult structure defined in [RFC2251] section 4.1.10.